Searchable Encrypted Relational Databases: Risks and Countermeasures
(2017) In Cryptology ePrint Archive 2017(24). p.1-20- Abstract
- We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on un- structured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.
Please use this url to cite or link to this publication:
https://lup.lub.lu.se/record/218bd047-d6ca-4112-9147-4e4d087b4910
- author
- Abdelraheem, Mohamed Ahmed ; Andersson, Tobias and Gehrmann, Christian LU
- organization
- publishing date
- 2017-01-10
- type
- Contribution to specialist publication or newspaper
- publication status
- published
- subject
- keywords
- searchable symmetric encryption, relational databases, inference attacks, injection attacks, privacy constraints, vertical fragmentation
- in
- Cryptology ePrint Archive
- volume
- 2017
- issue
- 24
- pages
- 20 pages
- publisher
- IACR
- external identifiers
-
- scopus:85030152876
- language
- English
- LU publication?
- yes
- id
- 218bd047-d6ca-4112-9147-4e4d087b4910
- alternative location
- http://eprint.iacr.org/2017/024
- date added to LUP
- 2018-09-14 10:12:30
- date last changed
- 2022-04-25 17:16:33
@misc{218bd047-d6ca-4112-9147-4e4d087b4910, abstract = {{We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on un- structured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.}}, author = {{Abdelraheem, Mohamed Ahmed and Andersson, Tobias and Gehrmann, Christian}}, keywords = {{searchable symmetric encryption; relational databases; inference attacks; injection attacks; privacy constraints; vertical fragmentation}}, language = {{eng}}, month = {{01}}, number = {{24}}, pages = {{1--20}}, publisher = {{IACR}}, series = {{Cryptology ePrint Archive}}, title = {{Searchable Encrypted Relational Databases: Risks and Countermeasures}}, url = {{http://eprint.iacr.org/2017/024}}, volume = {{2017}}, year = {{2017}}, }